Towards a science for adaptive defense: Revisit server protection

Zhisheng Hu; Ping Chen; Yang Lu; Minghui Zhu; Peng Liu

doi:10.1109/CIC.2016.25

Towards a science for adaptive defense: Revisit server protection

Zhisheng Hu, Ping Chen, Yang Lu, Minghui Zhu, Peng Liu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Scopus citations

Abstract

Suffering from the big "hit" by the Heartbleed attack, the society has learned one hard lesson, namely, the severity of zero-day continuous buffer over-read attacks. According to a survey on Heartbleed, 24-55% of HTTPS servers in the Alexa Top 1 Million were initially vulnerable to Heartbleed, including 44 of the Alexa Top 100. The Heartbleed attack is continuous buffer over-read: it usually lasts several hours, involving hundreds of thousands of probing (buffer over-read) requests. In most cases, a short period of time is insufficient for the attacker to achieve his/her goal. This paper presents our recent work on the development of adaptive defense systems which can practically defend against zero-day continuous buffer overread attacks; i.e., Heartbleed-like attacks and data structure manipulation attacks, and meanwhile whose cost-effectiveness is mathematically provable.

Original language	English (US)
Title of host publication	Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	112-121
Number of pages	10
ISBN (Electronic)	9781509046072
DOIs	https://doi.org/10.1109/CIC.2016.25
State	Published - Jan 6 2017
Event	2nd IEEE International Conference on Collaboration and Internet Computing, IEEE CIC 2016 - Pittsburgh, United States Duration: Nov 1 2016 → Nov 3 2016

Publication series

Name	Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016

Other

Other	2nd IEEE International Conference on Collaboration and Internet Computing, IEEE CIC 2016
Country/Territory	United States
City	Pittsburgh
Period	11/1/16 → 11/3/16

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Safety, Risk, Reliability and Quality
Sociology and Political Science

Access to Document

10.1109/CIC.2016.25

Cite this

Hu, Z., Chen, P., Lu, Y., Zhu, M., & Liu, P. (2017). Towards a science for adaptive defense: Revisit server protection. In Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016 (pp. 112-121). Article 7809698 (Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CIC.2016.25

Hu, Zhisheng ; Chen, Ping ; Lu, Yang et al. / Towards a science for adaptive defense : Revisit server protection. Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 112-121 (Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016).

@inproceedings{d1753df9db0b466999a0b8b1cdb4182a,

title = "Towards a science for adaptive defense: Revisit server protection",

abstract = "Suffering from the big {"}hit{"} by the Heartbleed attack, the society has learned one hard lesson, namely, the severity of zero-day continuous buffer over-read attacks. According to a survey on Heartbleed, 24-55% of HTTPS servers in the Alexa Top 1 Million were initially vulnerable to Heartbleed, including 44 of the Alexa Top 100. The Heartbleed attack is continuous buffer over-read: it usually lasts several hours, involving hundreds of thousands of probing (buffer over-read) requests. In most cases, a short period of time is insufficient for the attacker to achieve his/her goal. This paper presents our recent work on the development of adaptive defense systems which can practically defend against zero-day continuous buffer overread attacks; i.e., Heartbleed-like attacks and data structure manipulation attacks, and meanwhile whose cost-effectiveness is mathematically provable.",

author = "Zhisheng Hu and Ping Chen and Yang Lu and Minghui Zhu and Peng Liu",

note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 2nd IEEE International Conference on Collaboration and Internet Computing, IEEE CIC 2016 ; Conference date: 01-11-2016 Through 03-11-2016",

year = "2017",

month = jan,

day = "6",

doi = "10.1109/CIC.2016.25",

language = "English (US)",

series = "Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "112--121",

booktitle = "Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016",

address = "United States",

}

Hu, Z, Chen, P, Lu, Y, Zhu, M & Liu, P 2017, Towards a science for adaptive defense: Revisit server protection. in Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016., 7809698, Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016, Institute of Electrical and Electronics Engineers Inc., pp. 112-121, 2nd IEEE International Conference on Collaboration and Internet Computing, IEEE CIC 2016, Pittsburgh, United States, 11/1/16. https://doi.org/10.1109/CIC.2016.25

Towards a science for adaptive defense: Revisit server protection. / Hu, Zhisheng; Chen, Ping; Lu, Yang et al.
Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016. Institute of Electrical and Electronics Engineers Inc., 2017. p. 112-121 7809698 (Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Towards a science for adaptive defense

T2 - 2nd IEEE International Conference on Collaboration and Internet Computing, IEEE CIC 2016

AU - Hu, Zhisheng

AU - Chen, Ping

AU - Lu, Yang

AU - Zhu, Minghui

AU - Liu, Peng

PY - 2017/1/6

Y1 - 2017/1/6

N2 - Suffering from the big "hit" by the Heartbleed attack, the society has learned one hard lesson, namely, the severity of zero-day continuous buffer over-read attacks. According to a survey on Heartbleed, 24-55% of HTTPS servers in the Alexa Top 1 Million were initially vulnerable to Heartbleed, including 44 of the Alexa Top 100. The Heartbleed attack is continuous buffer over-read: it usually lasts several hours, involving hundreds of thousands of probing (buffer over-read) requests. In most cases, a short period of time is insufficient for the attacker to achieve his/her goal. This paper presents our recent work on the development of adaptive defense systems which can practically defend against zero-day continuous buffer overread attacks; i.e., Heartbleed-like attacks and data structure manipulation attacks, and meanwhile whose cost-effectiveness is mathematically provable.

AB - Suffering from the big "hit" by the Heartbleed attack, the society has learned one hard lesson, namely, the severity of zero-day continuous buffer over-read attacks. According to a survey on Heartbleed, 24-55% of HTTPS servers in the Alexa Top 1 Million were initially vulnerable to Heartbleed, including 44 of the Alexa Top 100. The Heartbleed attack is continuous buffer over-read: it usually lasts several hours, involving hundreds of thousands of probing (buffer over-read) requests. In most cases, a short period of time is insufficient for the attacker to achieve his/her goal. This paper presents our recent work on the development of adaptive defense systems which can practically defend against zero-day continuous buffer overread attacks; i.e., Heartbleed-like attacks and data structure manipulation attacks, and meanwhile whose cost-effectiveness is mathematically provable.

UR - http://www.scopus.com/inward/record.url?scp=85013141215&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85013141215&partnerID=8YFLogxK

U2 - 10.1109/CIC.2016.25

DO - 10.1109/CIC.2016.25

M3 - Conference contribution

AN - SCOPUS:85013141215

T3 - Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016

SP - 112

EP - 121

BT - Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 1 November 2016 through 3 November 2016

ER -

Hu Z, Chen P, Lu Y, Zhu M , Liu P. Towards a science for adaptive defense: Revisit server protection. In Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016. Institute of Electrical and Electronics Engineers Inc. 2017. p. 112-121. 7809698. (Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016). doi: 10.1109/CIC.2016.25

Towards a science for adaptive defense: Revisit server protection

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this